Full Description
Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide: Foundation learning for SWITCH 642-813

Richard Froom, CCIE No. 5102
Balaji Sivasubramanian
Erum Frahim, CCIE No. 7549

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide is a Cisco® authorized learning tool for CCNP® and CCDP® preparation. As part of the Cisco Press foundation learning series, this book covers how to plan, configure, and verify the implementation of complex enterprise switching solutions using the Cisco Campus Enterprise Architecture. The Foundation Learning Guide also covers secure integration of VLANs, WLANs, voice, and video into campus networks.

Each chapter opens with the list of topics covered to clearly identify the focus of that chapter. At the end of each chapter, a summary and review questions provide you with an opportunity to assess and reinforce your understanding of the material. Throughout the book detailed explanations with commands, configurations, and diagrams serve to illuminate theoretical concepts.

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide is ideal for certification candidates who are seeking a tool to learn all the topics covered in the SWITCH 642-813 exam.

- Serves as the official book for the Cisco Networking Academy CCNP SWITCH course
- Provides a thorough presentation of the fundamentals of multilayer switched network design
- Explains the implementation of the design features such as VLAN, Spanning Tree, and inter-VLAN routing in the multilayer switched environment
- Explains how to implement high-availability technologies and techniques
- Covers security features in a switched network
- Presents self-assessment review questions, chapter topics, summaries, command syntax explanations, network diagrams, and configuration examples to facilitate effective studying

This book is in the Foundation Learning Guide Series. These guides are developed together with Cisco® as the only authorized, self-paced learning tools that help networking professionals build their understanding of networking concepts and prepare for Cisco certification exams.
Contents
Chapter 1 Analyzing the Cisco Enterprise Campus Architecture

Introduction to Enterprise Campus Network Design; Regulatory Standards Driving Enterprise Architectures; Campus Designs; Legacy Campus Designs; Hierarchical Models for Campus Design; Impact of Multilayer Switches on Network Design; Ethernet Switching Review; Layer 2 Switching; Layer 3 Switching; Layer 4 and Layer 7 Switching; Layer 2 Switching In-Depth; Layer 3 Switching In-Depth; Understanding Multilayer Switching; Introduction to Cisco Switches; Cisco Catalyst 6500 Family of Switches; Cisco Catalyst 4500 Family of Switches; Cisco Catalyst 4948G, 3750, and 3560 Family of Switches; Cisco Catalyst 2000 Family of Switches; Nexus 7000 Family of Switches; Nexus 5000 and 2000 Family of Switches; Hardware and Software-Switching Terminology; Campus Network Traffic Types; Peer-to-Peer Applications; Client/Server Applications; Client-Enterprise Edge Applications; Overview of the SONA and Borderless Networks; Enterprise Campus Design; Access Layer In-Depth; Distribution Layer; Core Layer; The Need for a Core Layer; Campus Core Layer as the Enterprise Network Backbone; Small Campus Network Example; Medium Campus Network Example; Large Campus Network Design; Data Center Infrastructure; PPDIOO Lifecycle Approach to Network Design and Implementation; PPDIOO Phases; Benefits of a Lifecycle Approach; Planning a Network Implementation; Implementation Components; Summary Implementation Plan; Detailed Implementation Plan; Summary; Review Questions

Chapter 2 Implementing VLANs in Campus Networks

Implementing VLAN Technologies in a Campus Network; VLAN Segmentation Model; End-to-End VLAN; Local VLAN; Comparison of End-to-End VLANs and Local VLANs; Mapping VLANs to a Hierarchical Network; Planning VLAN Implementation; Best Practices for VLAN Design; Configuring VLANs; VLAN Ranges; Verifying the VLAN Configuration; Troubleshooting VLANs; Troubleshooting Slow Throughput; Troubleshooting Communication Issues; Implementing Trunking in Cisco Campus Network; Trunking Protocols; Understanding Native VLAN in 802.1Q Trunking; Understanding DTP; Cisco Trunking Modes and Methods; VLAN Ranges and Mappings; Best Practices for Trunking; Configuring 802.1Q Trunking; Verifying Trunking Configurations; Troubleshooting Trunking; VLAN Trunking Protocol; VTP Pruning; VTP Versions; VTP Versions 1 and 2; VTP Version 3; VTP Messages Types; Summary Advertisements; Subset Advertisements; Advertisement Requests; VTP Authentication; Best Practices for VTP Implementation; Configuring VTP; Verifying the VTP Configuration; Troubleshooting VTP; Private VLANs; Private VLANs Overview; Private VLANs and Port Types; Private VLAN Configuration; Configuring Private VLANs in Cisco IOS; Verifying Private VLAN; Private VLAN Configuration Example; Single Switch Private Configuration; Private VLAN Configuration Across Switches; Port Protected Feature; Configuring Link Aggregation with EtherChannel; Describe EtherChannel; PAgP and LACP Protocols; PAgP Modes; LACP Modes; Configure Port Channels Using EtherChannel; Guidelines for Configuring EtherChannel; Layer 2 EtherChannel Configuration Steps; Verifying EtherChannel; EtherChannel Load Balancing Options; Summary; Review Questions

Chapter 3 Implementing Spanning Tree

Evolution of Spanning Tree Protocols; Spanning Tree Protocol Basics; STP Operation; Rapid Spanning Tree Protocol; RSTP Port States; RSTP Port Roles; Rapid Transition to Forwarding; RSTP Topology Change Mechanism; Bridge Identifier for PVRST+; Compatibility with 802.1D; Cisco Spanning Tree Default Configuration; PortFast; Configuring the PortFast Feature; Configuring the Basic Parameters of PVRST+; Multiple Spanning Tree; MST Regions; Extended System ID for MST; Configuring MST; Spanning Tree Enhancements; BPDU Guard; BPDU Filtering; Root Guard; Preventing Forwarding Loops and Black Holes; Loop Guard; UDLD; Comparison Between Aggressive Mode UDLD and Loop Guard; Flex Links; Recommended Spanning Tree Practices; Troubleshooting STP; Potential STP Problems; Duplex Mismatch; Unidirectional Link Failure; Frame Corruption; Resource Errors; PortFast Configuration Error; Troubleshooting Methodology; Develop a Plan; Isolate the Cause and Correct an STP Problem; Document Findings; Summary; References; Review Questions

Chapter 4 Implementing Inter-VLAN Routing

Describing Inter-VLAN Routing; Introduction to Inter-VLAN Routing; Inter-VLAN Routing Using an External Router (Router-on-a-Stick); External Router: Advantages and Disadvantages; Inter-VLAN Routing Using Switch Virtual Interfaces; SVI: Advantages and Disadvantages; Routing with Routed Ports; Routed Port: Advantage and Disadvantages; L2 EtherChannel Versus L3 EtherChannel; Configuring Inter-VLAN Routing; Inter-VLAN Configuration with External Router; Implementation Planning; Inter-VLAN Configuration with SVI; Implementation Plan; Switch Virtual Interface Configuration; SVI Autostate; Configuring Routed Port on a Multilayer Switch; Verifying Inter-VLAN Routing; Troubleshooting Inter-VLAN Problems; Example of a Troubleshooting Plan; Configuration of Layer 3 EtherChannel; Routing Protocol Configuration; Verifying Routing Protocol; Implementing Dynamic Host Configuration Protocol in a Multilayer Switched Environment; DHCP Operation; Configuring DHCP and Verifying DHCP; Configure DHCP on the Multilayer Switch; Configure DHCP Relay; Verifying DHCP Operation; Deploying CEF-Based Multilayer Switching; Multilayer Switching Concepts; Explaining Layer 3 Switch Processing; CAM and TCAM Tables; Distributed Hardware Forwarding; Cisco Switching Methods; Route Caching; Topology-Based Switching; CEF Processing; CEF Operation and Use of TCAM; CEF Modes of Operation; Address Resolution Protocol Throttling; Sample CEF-Based MLS Operation; CEF-Based MLS Load Sharing; Configuring CEF and Verifying CEF Configuration; CEF-Based MLS Configuration; CEF-Based MLS Verification; Troubleshooting CEF; Summary; Review Questions

Chapter 5 Implementing High Availability and Redundancy in a Campus Network

Understanding High Availability; Components of High Availability; Redundancy; Technology; People; Processes; Tools; Resiliency for High Availability; Network-Level Resiliency; High Availability and Failover Times; Optimal Redundancy; Provide Alternate Paths; Avoid Too Much Redundancy; Avoid Single Point of Failure; Cisco NSF with SSO; Routing Protocols and NSF; Implementing High Availability; Distributed VLANs on Access Switches; Local VLANs on Access Switches; Layer 3 Access to the Distribution Interconnection; Daisy Chaining Access Layer Switches; StackWise Access Switches; Too Little Redundancy; Implementing Network Monitoring; Network Management Overview; Syslog; Syslog Message Format; Configuring Syslog; SNMP; SNMP Versions; SNMP Recommendations; Configuring SNMP; IP Service Level Agreement; IP SLA Measurements; IP SLA Operations; IP SLA Source and Responder; IP SLA Operation with Responder; IP SLA Responder Timestamps; Configuring IP SLA; Implementing Redundant Supervisor Engines in Catalyst Switches; Route Processor Redundancy; Route Processor Redundancy Plus; Configuring and Verifying RPR+ Redundancy; Stateful Switchover (SSO); Configuring and Verifying SSO; NSF with SSO; Configuring and Verifying NSF with SSO; Understanding First Hop Redundancy Protocols; Introduction to First Hop Redundancy Protocol; Proxy ARP; Static Default Gateway; Hot Standby Router Protocol (HSRP); HSRP States; HSRP State Transition; HSRP Active Router and Spanning Tree Topology; Configuring HSRP; HSRP Priority and Preempt; HSRP Authentication; HSRP Timer Considerations and Configuration; HSRP Versions; HSRP Interface Tracking; HSRP Object Tracking; HSRP and IP SLA Tracking; Multiple HSRP Groups; HSRP Monitoring; Virtual Router Redundancy Protocol; VRRP Operation; VRRP Transition Process; Configuring VRRP; Gateway Load Balancing Protocol; GLBP Functions; GLBP Features; GLBP Operations; GLBP Interface Tracking; GLBP Configuration; GLBP with VLAN Spanning Across Access Layer Switches; Cisco IOS Server Load Balancing; Cisco IOS SLB Modes of Operation; Configuring the Server Farm in a Data Center with Real Servers; Configuring Virtual Servers; Summary; Review Questions

Chapter 6 Securing the Campus Infrastructure

Switch Security Fundamentals; Security Infrastructure Services; Unauthorized Access by Rogue Devices; Layer 2 Attack Categories; Understanding and Protecting Against MAC Layer Attack; Suggested Mitigation for MAC Flooding Attacks; Port Security; Port Security Scenario 1; Port Security Scenario 2; Configuring Port Security; Caveats to Port Security Configuration Steps; Verifying Port Security; Port Security with Sticky MAC Addresses; Blocking Unicast Flooding on Desired Ports; Understanding and Protecting Against VLAN Attacks; VLAN Hopping; VLAN Hopping with Double Tagging; Mitigating VLAN Hopping; VLAN Access Control Lists; Configuring VACL; Understanding and Protecting Against Spoofing Attacks; Catalyst Integrated Security Features; DHCP Spoofing Attack; DHCP Snooping; ARP Spoofing Attack; Preventing ARP Spoofing Through Dynamic ARP Inspection; IP Spoofing and IP Source Guard; Configuring IPSG; Securing Network Switches; Neighbor Discovery Protocols; Cisco Discovery Protocol; Configuring CDP; Configuring LLDP; CDP Vulnerabilities; Securing Switch Access; Telnet Vulnerabilities; Secure Shell; VTY ACLs; HTTP Secure Server; Authentication Authorization Accounting (AAA); Security Using IEEE 802.1X Port-Based Authentication; Configuring 802.1X; Switch Security Considerations; Organizational Security Policies; Securing Switch Devices and Protocols; Configuring Strong System Passwords; Restricting Management Access Using ACLs; Securing Physical Access to the Console; Securing Access to vty Lines; Configuring System Warning Banners; Disabling Unneeded or Unused Services; Trimming and Minimizing Use of CDP/LLDP; Disabling the Integrated HTTP Daemon; Configuring Basic System Logging; Securing SNMP; Limiting Trunking Connections and Propagated VLANs; Securing the Spanning-Tree Topology; Mitigating Compromises Launched Through a Switch; Troubleshooting Performance and Connectivity; Techniques to Enhance Performance; Monitoring Performance with SPAN and VSPAN; Using SPAN to Monitor the CPU Interface of Switches; Monitoring Performance with RSPAN; Monitoring Performance with ERSPAN; Monitoring Performance Using VACLs with the Capture Option; Troubleshooting Using L2 Traceroute; Enhancing Troubleshooting and Recovery Using Cisco IOS Embedded Event Manager; Performance Monitoring Using the Network Analysis Module in the Catalyst 6500 Family of Switches; Summary; Review Questions

Chapter 7 Preparing the Campus Infrastructure for Advanced Services

Planning for Wireless, Voice, and Video Application in the Campus Network; The Purpose of Wireless Network Implementations in the Campus Network; The Purpose of Voice in the Campus Network; The Purpose of Video Deployments in the Campus Network; Planning for the Campus Network to Support Wireless Technologies; Introduction to Wireless LANs (WLAN); Cisco WLAN Solutions as Applied to Campus Networks; Comparing and Contrasting WLANs and LANs; Standalone Versus Controller-Based Approaches to WLAN Deployments in the Campus Network; Controller-Based WLAN Solution; Traffic Handling in Controller-Based Solutions; Traffic Flow in a Controller-Based Solution; Hybrid Remote Edge Access Points (HREAP); Review of Standalone and Controller-Based WLAN Solutions; Gathering Requirements for Planning a Wireless Deployment; Planning for the Campus Network to Support Voice; Introduction to Unified Communications; Campus Network Design Requirements for Deploying VoIP; Planning for the Campus Network to Support Video; Voice and Video Traffic; Video Traffic Flow in the Campus Network; Design Requirements for Voice, Data, and Video in the Campus Network; Understanding QoS; QoS Service Models; AutoQoS; Traffic Classification and Marking; DSCP, ToS, and CoS; Classification; Trust Boundaries and Configurations; Marking; Traffic Shaping and Policing; Policing; Congestion Management; FIFO Queuing; Weighted Round Robin Queuing; Priority Queuing; Custom Queuing; Congestion Avoidance; Tail Drop; Weighted Random Early Detection; Implementing IP Multicast in the Campus Network; Introduction to IP Multicast; Multicast IP Address Structure; Reserved Link Local Addresses; Globally Scoped Addresses; Source-Specific Multicast Addresses; GLOP Addresses; Limited-Scope Addresses; Multicast MAC Address Structure; Reverse Path Forwarding; Multicast Forwarding Tree; Source Trees; Shared Trees; Comparing Source Trees and Shared Trees; IP Multicast Protocols; PIM; Automating Distribution of RP; Auto-RP; Bootstrap Router; Comparison and Compatibility of PIM Version 1 and Version 2; Configuring Internet Group Management Protocol; IGMPv1; IGMPv2; IGMPv3; IGMPv3 Lite; IGMP Snooping; Preparing the Campus Infrastructure to Support Wireless; Wireless LAN Parameters; Configuring Switches to Support WLANs; Preparing the Campus Network for Integration of a Standalone WLAN Solution; Preparing the Campus Network for Integration of a Controller-Based WLAN Solution; Preparing the Campus Infrastructure to Support Voice; IP Telephony Components; Configuring Switches to Support VoIP; Voice VLANs; QoS for Voice Traffic from IP Phones; Power over Ethernet; Additional Network Requirements for VoIP; Preparing the Campus Infrastructure to Support Video; Video Components; Configuring Switches to Support Video; Summary; Review Questions

Appendix A